Mask Attack in Facial Recognition – Key Insights to Fortify Facial Identification Systems
Author: admin | 11 Mar 2024In This Post
Presentation attacks on facial recognition systems are increasing at an alarming rate. It is complicated to detect different forms of Presentation attacks without cutting-edge facial recognition software that can deter fraudulent attacks like the famous ‘Mask Attack’. Preventing Mask Attacks requires comprehensive knowledge about this malpractice and facial identity verification solutions like Facia must prioritize its prevention at the center of their Presentation attack detection capabilities.
What is a Mask Attack?
Mask Attack is a fraudulent practice in which a facial recognition system is deceived by wearing a facial mask that can be prosthetic, paper, or any other highly realistic mask that has the capability of outwitting the Facial Recognition technology. Facial recognition software works by detecting, verifying, and authenticating the facial features of an individual. For this purpose, they have unique technologies including a parametric approach to verify digital facial identities.
Despite the stringent Face ID checks and robust anti-fraud features, Mask Attacks are also advancing through digitally crafted spoofing techniques, posing a challenge to swift and accurate facial verification.
Techniques of Mask Attack
A Mask Attack itself is a type of presentation attack. Several techniques are employed to carry out a mask attack to spoof an identity verification system with facial recognition. Here is a list of 6 major techniques used by fraudsters to spoof identities:
| Sr No. | Technique | Material Used | Risk Score | Comments |
| 1 | Physical Mask Attack |
| 8/10 | Highly realistic if crafted prosthetically well to alter facial features once worn. |
| 2 | Printed Mask Attack |
| 7/10 | Slightly less effective than physical masks due to the missing depth and texture of a real face. |
| 3 | Composite Mask Attack |
| 6/10 | Slightly not effective as the resulting mask is a combination of different facial features that may be detected easily. |
| 4 | 3-D Mask Attack |
| 9/10 | Highly effective and sophisticated in fooling facial recognition technology |
| 5 | Makeup Mask Attack |
| 5/10 | Less effective due to lighting conditions, the quality of cosmetic items used, and the makeup artist’s skill level. |
| 6 | Replay Mask Attack |
| 7/10 | Can be effective if the captured images for replay attacks are of high quality but it is less effective than 3D or physical mask attacks. |
Liveness Detection – A Key to Mask Attack Detection
So far, we have understood the working and different dimensions of mask attacks. Despite its complicated web and its risky threat vectors, mask attacks can be detected and prevented. The core of detecting any type of identity spoof attack is liveness detection. This technique if incorporated accurately can effectively differentiate between an actual living person and a potential spoof (non-alive) face in front of the facial biometric scanning device. So far, almost every top-notch IDV solution follows liveness detection as a benchmark to scale their facial recognition systems.
Liveness Detection further has 2 types in the Identification of users through biometrics:
Active Liveness
Active Liveness check confirms that a real alive person is sitting in front of the camera for facial biometrics. It ensures that there is no picture replayed video or image attempting to bypass the facial identification checks.
Passive Liveness
In Passive Liveness, a recorded video or image from a phone or another display device is played before the biometric facial recognition system. Passive liveness will check and confirm if any video replay or picture mask replay attack is being carried out.
Liveness Detection and Biometric Matching Accuracy in Face Recognition
Usually, Liveness Detection is confused with another parameter of gauging a facial verification solution’s performance which is known as ‘Biometric Matching Accuracy’.
Understanding Biometric Matching Accuracy
Biometric Matching Accuracy in facial recognition is one of the most important aspects of facial recognition. The main governing or standard-setting body for Identification solution providers is the National Institute of Standards and Technology (NIST).
Key Standards of NIST’s Facial Recognition Testing
- NIST tests different solution vendors who voluntarily provide their facial recognition algorithms to NIST for testing and analyzing their solution’s performance in different dimensions.
- Under NIST’s benchmark-setting tests, it also analyzes the facial identity verification solution’s ability to detect morph and presentation attacks.
- In September 2023, the National Institute of Standards and Technology (NIST) revealed its cutting-edge anti-spoofing algorithms after splitting its Face Recognition Vendor Test (FRVT) into 2 evaluations, biometrics, and facial analysis. In October 2023, Facial Identity Verification Solutions showed confidence in NIST evaluation on Presentation Attack Detection (PAD).
- NIST recently decided to continue its FRTE face mask benchmark on 1:1 algorithms.
- In 1:N identification through facial recognition, the False Positive Identification Rate (FPIR) is set to 0.003 for testing IDV solutions.
- NIST sets the benchmark for False Non-Match Rate (FNMR) at 0.000001
Facial Biometric Matching Accuracy while detecting mask attacks through facial recognition solutions is one of the best ways to prevent mask attacks for illicit gains. Banks, FIs, crypto exchanges, and other fintech firms require robust facial recognition for secure customer onboarding.
Facia brings a unique web of swiftness and accuracy in detecting bypass attempts in facial IDV systems. Whether it’s mask attacks or morphing attempts, Facia is your weapon of choice in identity fraud prevention. It incorporates different cutting-edge technologies to identify the latest threat vectors. With being highly committed to complying with all NIST standards and other industry best practices, Facia envisions a secure digital onboarding for everyone.
Frequently Asked Questions
Masks pose a challenge to facial recognition because they cover significant facial features, making it harder for systems to accurately identify individuals. Traditional facial recognition relies heavily on visible parts like the nose, mouth, and chin. When these features are obscured, recognition accuracy can significantly decrease. However, the Facia system is foolproof to all these tricks.
Yes, facial recognition systems can sometimes be fooled by a mask, especially if the system hasn't been specifically trained to handle this challenge. Masks that are carefully designed to mimic someone's appearance or that contain realistic features can bypass certain facial recognition software. However, the Facia system is foolproof to all these tricks.
Vulnerabilities include:
- Changes in facial appearance due to masks, hats, or glasses.
- Ageing or sudden changes in hairstyle or facial hair.
- Presentation attacks, such as using high-quality photos, videos, or masks to trick systems.
- Environmental conditions like poor lighting or extreme angles.
- Limitations in the training data that can lead to bias or errors in recognition.
Advanced systems like Facia can detect individuals wearing masks by focusing on visible features like the eyes and upper nose region. It uses sophisticated algorithms trained to work with masked faces.
A 3D mask attack involves creating a high-quality, realistic 3D mask using materials like biodegradable plastics or PLA to replicate a person's face. Such masks are designed to bypass facial recognition by presenting a highly accurate imitation of someone's facial structure and features.
A 3D print attack uses a 3D-printed image of a real face, providing depth and detail. The print mimics the genuine facial features to deceive recognition software, particularly when environmental aspects like lighting and texture are accurately considered.
